<%@page import="support.*, java.util.*, java.sql.*, java.lang.Integer" %>
<%@ page import="java.sql.*, javax.sql.*, javax.naming.*" %>

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Registration Confirmation</title>
</head>
<body>

    <!-- Book keeping -->
    <%
    // String error message
    String err = "";
    // error flag
    boolean errorFlag = false;
    
    // Connect to ConnectionPool
    Connection conn = null;
    try{
        Context initCtx = new InitialContext();
        DataSource ds = (DataSource)initCtx.lookup("java:comp/env/jdbc/CS135");
        conn = ds.getConnection();
    }finally{
    }
    Statement stmt = conn.createStatement();
    
    
    // Users Role
    String role = "student";
    
    //  <!-- username is taken -->
    
    String username = request.getParameter("username");
    ResultSet rset = stmt.executeQuery("SELECT COUNT(*) FROM applicants where username =\'" + username + "\'");  // can we use question mark?
    // if username is taken go back to applicant registration with error message
    if(rset.next() && rset.getInt(1) > 0){
        // set error message
        err += "User name is already taken <br>";
        errorFlag = true;
        session.setAttribute("error", err);
    }
    //<!-- password is empty -->
    String password = request.getParameter("password");
    String passwordcheck = request.getParameter("passwordcheck");
    
    if(password.equals("")){
        // set error message
        err += "Password is empty<br>";
        errorFlag = true;
        session.setAttribute("error",err);
    }
    //<!-- password does not match -->
    if(!password.equals(passwordcheck)){
            //<!-- set error message -->
        err += "Passwords entered do not match<br>";
        errorFlag = true;
        session.setAttribute("error",err);
    }
    //<!-- email is taken -->
    String email = request.getParameter("email");
    rset = stmt.executeQuery("SELECT COUNT(*) FROM applicants where email =\'" + email + "\'");  // can we use question mark?
    // if username is taken go back to applicant registration with error message
    if(rset.next() && rset.getInt(1) > 0){
        // set error message
        err += "Email has already registered<br>Try logging in and submitting application<br>";
        errorFlag = true;
        session.setAttribute("error", err);
    }
            
    %>
    Success!  Your username is <%= username %>

    <% 
    if(errorFlag){
        response.sendRedirect("applicantregistration.jsp");
    }else{
      // encode the password
      String encMD5pwd = org.apache.catalina.realm.RealmBase.Digest(password, "MD5", "ASCII");
    // Insert applicant into table
      PreparedStatement pstmt = conn.prepareStatement("INSERT INTO applicants (username, password, email) VALUES (?, ?, ?)");
      // set username
      pstmt.setString(1, username);
      // set password
      pstmt.setString(2, encMD5pwd);
      // set email
      pstmt.setString(3, email);
      // update
      pstmt.executeUpdate();
      
      // Insert student into table
      pstmt = conn.prepareStatement("INSERT INTO applicant_roles (username, role) VALUES (?, ?)");
      // set first name
      pstmt.setString(1, username);
      // set middle name
      pstmt.setString(2, role);
      // update
      pstmt.executeUpdate();
      
      conn.commit();
    }
     %>

     
     <br><a href="/Application_Submission/account.do">Proceed to account?</a>
</body>
</html>